3

I am currently working on a web application page, my boss sees the changes online while i still make the changes, sometimes the page is shown to some clients in order to get feedback while it's still on development..

At this point i have added a self-signed certification and of course the browser throws the warning about privacy problems. i would like to know if it's ok to ask an authority to sign the certification while the page is still on development.

does it need to renew if are there some major changes to the page? what could be the consequences for using a signed certification from an authority while developing

Oscar Reyes
  • 143
  • 5

1 Answers1

3

You can pay a certificate authority for a certificate at any time, if you have an internet domain.

Certificates are issued for internet domains, not for applications.

There are no rules as to whether your application(s) can be still in development. You don't even have to have an application. You could host just a static page or nothing.

The practical consideration is whether you want to pay for the certificate and whether you are making the application available on the internet yet.

Certificates are purchased for a period of time. Typically there is an annual fee. If that is not paid then they expire.

If you are not yet hosting the application on the internet and you want to get rid of the messages related to self-signed certificates, when you do remote demos, you can create your own certificate authority on your internal network, or turn off TLS/SSL internally if appropriate.

joshp
  • 3,451
  • 1
  • 21
  • 27